# Technology Background

A typical (SSO) needs a few key points to be reviewed; one would be the User Authentication, normally there are three ways or combinations of authenticating a user, these are:

• Something the user knows – i.e. a user id and password
• Something the user has – a security token, smartcard, or a digital certificate
• Something the user is – a biometric

The most common form of user authentication is the user id and password, but it is also the least secure today. There are software and hardware that are readily available on the market that can easily capture or steal a user’s user id and password. As a result, a growing number of enterprises and regulators are beginning to require multi-factor authentication or “strong authentication”. The security of the user’s authentication pose great importance to the project, JOSSO has a built-in security protocol that ensures the user’s credentials to be safe.

Another key point is the User Authorization or the permission of the user to access different websites. Commonly used websites or applications have access to SSO, take Google Apps and Facebook as examples, there are numerous sites that you can sign on to with the use of your Facebook login details. Currently, there are more and more sites offering a “Sign in with other website” protocol since not only is it faster and easier, but it lets the user access the website with ease.